# Copyright 2019 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# NOTE: This file is auto generated by the elixir code generator program.
# Do not edit this file manually.

defmodule GoogleApi.Container.V1.Model.UserManagedKeysConfig do
  @moduledoc """
  UserManagedKeysConfig holds the resource address to Keys which are used for signing certs and token that are used for communication within cluster.

  ## Attributes

  *   `aggregationCa` (*type:* `String.t`, *default:* `nil`) - The Certificate Authority Service caPool to use for the aggregation CA in this cluster.
  *   `clusterCa` (*type:* `String.t`, *default:* `nil`) - The Certificate Authority Service caPool to use for the cluster CA in this cluster.
  *   `controlPlaneDiskEncryptionKey` (*type:* `String.t`, *default:* `nil`) - The Cloud KMS cryptoKey to use for Confidential Hyperdisk on the control plane nodes.
  *   `etcdApiCa` (*type:* `String.t`, *default:* `nil`) - Resource path of the Certificate Authority Service caPool to use for the etcd API CA in this cluster.
  *   `etcdPeerCa` (*type:* `String.t`, *default:* `nil`) - Resource path of the Certificate Authority Service caPool to use for the etcd peer CA in this cluster.
  *   `gkeopsEtcdBackupEncryptionKey` (*type:* `String.t`, *default:* `nil`) - Resource path of the Cloud KMS cryptoKey to use for encryption of internal etcd backups.
  *   `serviceAccountSigningKeys` (*type:* `list(String.t)`, *default:* `nil`) - The Cloud KMS cryptoKeyVersions to use for signing service account JWTs issued by this cluster. Format: `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{cryptoKey}/cryptoKeyVersions/{cryptoKeyVersion}`
  *   `serviceAccountVerificationKeys` (*type:* `list(String.t)`, *default:* `nil`) - The Cloud KMS cryptoKeyVersions to use for verifying service account JWTs issued by this cluster. Format: `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{cryptoKey}/cryptoKeyVersions/{cryptoKeyVersion}`
  """

  use GoogleApi.Gax.ModelBase

  @type t :: %__MODULE__{
          :aggregationCa => String.t() | nil,
          :clusterCa => String.t() | nil,
          :controlPlaneDiskEncryptionKey => String.t() | nil,
          :etcdApiCa => String.t() | nil,
          :etcdPeerCa => String.t() | nil,
          :gkeopsEtcdBackupEncryptionKey => String.t() | nil,
          :serviceAccountSigningKeys => list(String.t()) | nil,
          :serviceAccountVerificationKeys => list(String.t()) | nil
        }

  field(:aggregationCa)
  field(:clusterCa)
  field(:controlPlaneDiskEncryptionKey)
  field(:etcdApiCa)
  field(:etcdPeerCa)
  field(:gkeopsEtcdBackupEncryptionKey)
  field(:serviceAccountSigningKeys, type: :list)
  field(:serviceAccountVerificationKeys, type: :list)
end

defimpl Poison.Decoder, for: GoogleApi.Container.V1.Model.UserManagedKeysConfig do
  def decode(value, options) do
    GoogleApi.Container.V1.Model.UserManagedKeysConfig.decode(value, options)
  end
end

defimpl Poison.Encoder, for: GoogleApi.Container.V1.Model.UserManagedKeysConfig do
  def encode(value, options) do
    GoogleApi.Gax.ModelBase.encode(value, options)
  end
end
